Skip to main content
POST
/
v2
/
auth
/
passkey
/
append
/
finish
Finish passkey append
curl --request POST \
  --url https://{projectId}.frontendapi.corbado.io/v2/auth/passkey/append/finish \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "signedChallenge": "<string>"
}
'
{
  "blockBody": {
    "block": "signup-init",
    "authType": "signup",
    "data": {
      "blockType": "<string>",
      "challenge": "<string>",
      "identifierValue": "<string>",
      "identifierType": "email",
      "autoSubmit": true,
      "passkeyIconSet": "default",
      "variant": "default"
    },
    "alternatives": "<array>",
    "error": {
      "code": "<string>",
      "message": "<string>"
    },
    "continueOnOtherDevice": {
      "reason": "email-link-verified"
    }
  },
  "common": {
    "appName": "<string>",
    "frontendApiUrl": "<string>",
    "hideBadge": true,
    "environment": "<string>"
  },
  "newProcess": {
    "token": "<string>",
    "expiresAt": 123
  }
}

Authorizations

Authorization
string
header
required

After a user logs in successfully, a session is created and a JWT token is returned. This token represents the user's authenticated session. It must be included in the Authorization header as a Bearer token for all protected endpoints:

Authorization: Bearer <your-token>

The server will validate this token to authorize access.

Body

application/json

tbd.

signedChallenge
string
required

Response

200 - application/json

tbd

blockBody
object
required
common
object
required
newProcess
object